Posted on Tuesday, 27th July 2004 by sean
The Spanning Tree Protocol (STP) exists to build a loop free path on layer two.
The exam outline has the following items related to STP:
- Explain the operation and purpose of the Spanning-Tree Protocol (STP) on a switched network
- Enable Spanning Tree on ports and VLANs
- Configure Spanning Tree parameters including: port priority, VLAN priority, root bridge, BPDU guard, PortFast and UplinkFast
- Tune and troubleshoot spanning-tree protocol on a multilayer switched network to enhance network performance, prevent network loops, and minimize downtime
The example
The network that I’ll be demonstrating STP on is below:
All the switches are redundantly connected, forming a loop. Consider the case where a host on switch 1 sends a packet to a host on another switch. S1 does not have the packet in its CAM table (a mapping of MAC addresses to ports), so it floods the packet to all connected ports, ie S2 and S3.
S2 and S3 are in the same situation, not knowing where the packet is to go. They flood the packet to all the ports (except the one it came in, of course). S2 sends it to S3, S3 sends it to S2. Neither knows where it is, so they both send to S1. A loop is formed, the packets continue to flood, and the results aren’t pretty. This is why IP has a Time To Live field.
The solution to the problem is to artificially induce a break in the network to stop the loop. The problem, though, is that this must be done deterministically, since switches don’t share the entire topology. That is, each switch must know if it has to shut down a port. If they were to accidentally shut down the wrong port, the network would be broken. STP’s job is to come up with the loop free topology and to let each switch decide whether it needs to shut any ports down.
Spanning Tree Algorithm
The first step is for all nodes on the network to elect a Root Bridge. The root bridge forms the basis for all the calculations. The “Tree” from Spanning Tree implies a tree structure; the root bridge is the root (bottom) of the tree.
Each switch periodically sends out Bridge Protocol Data Units, or BPDUs. Each BPDU includes the bridge ID (a two-byte priority combined with the 6-byte MAC address) of the device that the sender thinks is the root bridge, the bridge ID of the sender itself, the ID of the port that sent the BPDU, and the path cost from the sender to the root bridge.
Upon receiving a BPDU, the switch compares the root bridge ID it received from the neighbour with its own. The lowest bridge ID wins. If the received bridge ID is lower, the switch sets the known root bridge ID to the received one and continues on. If not, the other switch will learn about it when it gets the next BPDU. BPDUs are not passed through the switch; they are regenerated by each switch using the latest information.
Each switch starts off assuming it is the root bridge, and sets the root bridge ID to the default priority (32768, or 0xF0) and its MAC address. Note that if two priorities are equal, it is the lowest MAC address that wins.
In the network above, all switches send out BPDUs saying they are the root bridge. Assuming priorities are the same, S3 will receive BPDUs from S1 and S2, and choose S1 as the root bridge. The next time it sends out BPDUs, it will say that the root bridge is S1. Likewise, S2 will figure S1 as the root bridge. S1 will see the BPDUs from S2 and S3 but not change its perception of the network.
Once a root bridge is elected, each non root switch figures out which port is closest to the root bridge by looking at the cost field in the BPDU (assuming multiple paths to the root are found). When a BPDU comes in to a switch, it adds the local cost of the link to the received value. BPDUs coming from the root bridge will have a value of 0. The port with the lowest cost wins, or in the case of a tie, the lowest port id.
The following table summarizes the costs:
| Link speed | New cost | Old cost |
|---|---|---|
| 10G | 2 | 1 |
| 1G | 4 | 1 |
| 100M | 19 | 10 |
| 10M | 100 | 100 |
The old specification was based on 1Gbit/sec, so anything higher had the same cost. The new spec uses arbitrary numbers.
In the example above, assuming all ports are 100Mbit, S1 will advertise a cost of 0 to S2 and S3’s Fa0/1 interfaces. S2 will advertise a cost of 19 (0 + the received link cost of 19) to S3, and S3 will advertise 19 to S2. They will both choose Fa0/1 as the root port because the cost is only 19, as opposed to 38 by choosing Fa0/2.
The next step is to calculate the designated port. Each segment needs a designated port. The picture above has three segments, ie the links between each switch. By default, the root bridge’s ports are all designated ports, so that one is easy. The only one up in the air is the S2-S3 link.
First, the root path cost is evaluated. Both have a cost of 38 to the root, so that’s a tie. The bridge ID is examined, meaning S2’s Fa0/2 is the designated port for the segment. If this were a tie (ie two links to the same switch), the lowest port ID would have been chosen.
At this point, anything that is not a root port or a designated port is blocked. S3’s Fa0/2 blocks (ie doesn’t send or receive packets), breaking the loop in the network.
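The election and port-role rules above, run on the three-switch example as a small simulation that also accepts other topologies given as a link list. This is an added example, not code from the original post; the MAC addresses and S1's port names are assumed, and it computes the converged result directly rather than exchanging BPDUs.

```python
# Constructed model of the post's three-switch triangle. MAC addresses and
# S1's port names are assumptions; S2/S3 port names follow the text. Port
# names are compared as strings here, whereas real port IDs are numeric.
COST = {10_000: 2, 1_000: 4, 100: 19, 10: 100}  # Mbit/s -> "new" cost column

BRIDGES = {  # (priority, MAC) tuples order the same way as the 8-byte bridge ID
    "S1": (32768, "02:00:00:00:00:01"),
    "S2": (32768, "02:00:00:00:00:02"),
    "S3": (32768, "02:00:00:00:00:03"),
}
LINKS = [  # ((switch, port), (switch, port), speed in Mbit/s)
    (("S1", "Fa0/1"), ("S2", "Fa0/1"), 100),
    (("S1", "Fa0/2"), ("S3", "Fa0/1"), 100),
    (("S2", "Fa0/2"), ("S3", "Fa0/2"), 100),
]

def spanning_tree(bridges, links):
    """Return (root, root path cost per switch, role per (switch, port))."""
    root = min(bridges, key=bridges.get)          # lowest bridge ID wins
    cost = {sw: 0 if sw == root else float("inf") for sw in bridges}
    for _ in bridges:                             # relax until costs settle
        for (a, _), (b, _), speed in links:
            cost[a] = min(cost[a], cost[b] + COST[speed])
            cost[b] = min(cost[b], cost[a] + COST[speed])
    roles = {}
    for sw in bridges:                            # one root port per non-root
        if sw == root:
            continue
        offers = []
        for end_a, end_b, speed in links:
            for me, peer in ((end_a, end_b), (end_b, end_a)):
                if me[0] == sw:                   # cost, then sender ID, then port
                    offers.append((cost[peer[0]] + COST[speed],
                                   bridges[peer[0]], peer[1], me))
        roles[min(offers)[3]] = "root"
    for end_a, end_b, _ in links:                 # one designated port per segment
        best = min(end_a, end_b,
                   key=lambda e: (cost[e[0]], bridges[e[0]], e[1]))
        roles[best] = "designated"
        for end in (end_a, end_b):
            roles.setdefault(end, "blocked")      # neither root nor designated
    return root, cost, roles

if __name__ == "__main__":
    root, cost, roles = spanning_tree(BRIDGES, LINKS)
    print(root, cost, roles)
```

Lowering one switch's priority (for example 4096 on S3) and rerunning shows the root and the blocked port moving, which is why the root bridge is normally pinned by configuration rather than left to the lowest MAC address.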
The whole process brought together
Now that the process of building the tree is out of the way, the actual operation of STP differs slightly.
First the concept of port states must be introduced. A port moves through various states and behaves differently at each step.
A port starts off as blocking, meaning it listens only for BPDUs to understand the topology, and does not send anything. From blocking, it moves to listening, where it participates in the BPDU process. Here the root bridge election happens, and the spanning tree is built. From here, it goes to learning (assuming the port wasn’t blocked for loop avoidance purposes). In learning state, it builds the MAC/CAM table based on what it hears (though it doesn’t pass any frames). After learning, the port is in forwarding mode where it works like normal.
BPDUs are sent out every two seconds using a multicast frame. BPDUs are only sent out on designated ports. In reality, there are two types of BPDUs: configuration BPDUs and topology change notification (TCN) BPDUs. The root bridge constantly sends configuration BPDUs, which go out the designated ports and not out the root port (ie not toward the root).
If an event happens (ie a link state or port mode changes), the switch starts sending TCNs out the root port until they are acknowledged by the upstream switch. This switch does the same until the root switch hears the TCN. The root then sends out a configuration BPDU with the topology change bit set for 35 seconds (max_age + forward_delay in the next section). Devices receiving this age out CAM table entries faster (forward_delay instead of the regular 300s). The regular STP process will then cause the new link to be brought up and the tree rebuilt as necessary.
Timing Summary
- A port stays in blocking for 20s, called the max_age.
- A port stays in listening mode for 15s, called the forward_delay.
- forward_delay also specifies how long the port stays in learning mode.
Thus, the time for a backup link to move from blocking to forwarding after a failure is 20+15+15s = 50s. This can of course be changed by adjusting the timers.
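The BPDU fields described earlier and the timers above travel together in the 35-byte configuration BPDU body defined by IEEE 802.1D, with the timers encoded in units of 1/256 s. The parser below is an added example, not code from the original post; the MAC addresses and the sample BPDU are constructed.

```python
import struct
from dataclasses import dataclass

# 802.1D configuration BPDU body (after the LLC header): protocol ID, version,
# type, flags, root ID, root path cost, sender bridge ID, port ID, then four
# timers (message age, max age, hello time, forward delay) in 1/256 s units.
FMT = "!HBBB8sI8sHHHHH"   # 35 bytes

@dataclass
class ConfigBPDU:
    topology_change: bool
    root_id: bytes
    root_path_cost: int
    bridge_id: bytes
    port_id: int
    max_age: float
    hello_time: float
    forward_delay: float

def bridge_id(priority: int, mac: str) -> bytes:
    """Two-byte priority followed by the six-byte MAC address."""
    return struct.pack("!H", priority) + bytes.fromhex(mac.replace(":", ""))

def parse_config_bpdu(data: bytes) -> ConfigBPDU:
    if len(data) < struct.calcsize(FMT):
        raise ValueError("truncated configuration BPDU")
    (proto, _ver, btype, flags, root, cost, sender, port,
     _msg_age, max_age, hello, fwd) = struct.unpack_from(FMT, data)
    if proto != 0 or btype != 0x00:      # 0x80 would be a TCN BPDU
        raise ValueError("not a configuration BPDU")
    return ConfigBPDU(bool(flags & 0x01), root, cost, sender, port,
                      max_age / 256, hello / 256, fwd / 256)

def is_superior(bpdu: ConfigBPDU, known_root: bytes) -> bool:
    """Lowest bridge ID wins: equal-length big-endian bytes compare numerically."""
    return bpdu.root_id < known_root

def blocking_to_forwarding(bpdu: ConfigBPDU) -> float:
    """max_age in blocking, then forward_delay each in listening and learning."""
    return bpdu.max_age + 2 * bpdu.forward_delay

# Constructed sample: S1 (assumed MAC) announcing itself as root on port 0x8001.
S1 = bridge_id(32768, "02:00:00:00:00:01")
S3 = bridge_id(32768, "02:00:00:00:00:03")
SAMPLE = struct.pack(FMT, 0, 0, 0, 0, S1, 0, S1, 0x8001, 0, 20 * 256, 2 * 256, 15 * 256)

if __name__ == "__main__":
    b = parse_config_bpdu(SAMPLE)
    print(b.root_id.hex(), b.root_path_cost, blocking_to_forwarding(b))
```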
Understanding Spanning-Tree Protocol
